Critical-risk tools in ReverseCraft DevTools MCP
7 of the 46 tools in ReverseCraft DevTools MCP are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
clear_cookiesDestructiveClear browser cookies for all sites or a specific domain.
-
clear_persistent_scriptsDestructiveRemove all registered persistent scripts for the current page at once. This is useful for quickly resetting to a clean state without having to remove scripts individually. Retu...
-
clear_script_replacementsDestructiveRemove all script replacement rules for the current page.
-
remove_persistent_scriptDestructiveRemove a previously registered persistent script by its identifier. After removal, the script will no longer execute on subsequent page loads. Use \
-
remove_script_replacementDestructiveRemove a script replacement rule by its ID.
-
remove_xhr_breakpointDestructiveRemove a previously set XHR/Fetch breakpoint by its URL pattern, or remove all XHR breakpoints.
-
close_pageDestructiveCloses the page by its index. The last open page cannot be closed.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.